adrian-enspired · March 7, 2025 02:40 · Oct 2, 2020 · Oct 2, 2020 · Aug 17, 2019 · Aug 17, 2019
diff --git a/php-first.md b/php-first.md
@@ -73,11 +73,8 @@ $page["title"] = "Hello, World!";
 $user = $_SESSION["user"] ?? "Guest";
 
 $DB = new PDO( … );
-$stmt = $DB->prepare("SELECT heading, body FROM content WHERE page=:page");
-$stmt->execute(["page" => $page["id"]]);
-foreach ($stmt as $row) {
-  $contents[] = [$row["heading"], $row["body"]];
-}
+$rows = $DB->prepare("SELECT heading, body FROM content WHERE page=:page");
+$rows->execute(["page" => $page["id"]]);
 
 ?>
 <!doctype html>
@@ -92,9 +89,9 @@ foreach ($stmt as $row) {
     <p><a href="/login.php">Click Here to log in</a>
 <?php endif; ?>
     <h1><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></h1>
-<?php foreach ($contents as list($heading, $body)) : ?>
-    <h2><?= htmlspecialchars($heading, ENT_QUOTES, "UTF-8") ?></h2>
-    <p><?= htmlspecialchars($body, ENT_QUOTES, "UTF-8") ?>
+<?php foreach ($rows as $row) : ?>
+    <h2><?= htmlspecialchars($row["heading"], ENT_QUOTES, "UTF-8") ?></h2>
+    <p><?= htmlspecialchars($row["body"], ENT_QUOTES, "UTF-8") ?>
 <?php endforeach; ?>
   </body>
 </html>

diff --git a/php-first.md b/php-first.md
@@ -68,41 +68,35 @@ _a better example_
 <?php
 session_start();
 
-$page["id"]    = 1;
+$page["id"] = 1;
 $page["title"] = "Hello, World!";
-$user = isset($_SESSION["user"]) ? $_SESSION["user"] : "Guest";
-
-try{
-    $DB = new PDO( … );
-    $stmt = $DB->prepare("SELECT heading, body FROM content WHERE page=:page");
-    $stmt->execute(["page" => $page["id"]]);
-    foreach ($stmt as $row) {
-        $contents[] = [$row["heading"], $row["body"]];
-    }
-} catch (PDOException $e) {
-    log_error($e->getMessage());
-    show_error_page_or_whatever();
-    exit;
+$user = $_SESSION["user"] ?? "Guest";
+
+$DB = new PDO( … );
+$stmt = $DB->prepare("SELECT heading, body FROM content WHERE page=:page");
+$stmt->execute(["page" => $page["id"]]);
+foreach ($stmt as $row) {
+  $contents[] = [$row["heading"], $row["body"]];
 }
 
 ?>
 <!doctype html>
 <html>
-    <head>
-        <meta charset="utf-8">
-        <title><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></title>
-    </head>
-    <body>
-        <p class="welcome">Welcome, <?= htmlspecialchars($user, ENT_QUOTES, "UTF-8") ?>!
+  <head>
+    <meta charset="utf-8">
+    <title><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></title>
+  </head>
+  <body>
+    <p class="welcome">Welcome, <?= htmlspecialchars($user, ENT_QUOTES, "UTF-8") ?>!
 <?php if ($user === "Guest") : ?>
-        <p><a href="/login.php">Click Here to log in</a>
+    <p><a href="/login.php">Click Here to log in</a>
 <?php endif; ?>
-        <h1><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></h1>
+    <h1><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></h1>
 <?php foreach ($contents as list($heading, $body)) : ?>
-        <h2><?= htmlspecialchars($heading, ENT_QUOTES, "UTF-8") ?></h2>
-        <p><?= htmlspecialchars($body, ENT_QUOTES, "UTF-8") ?>
+    <h2><?= htmlspecialchars($heading, ENT_QUOTES, "UTF-8") ?></h2>
+    <p><?= htmlspecialchars($body, ENT_QUOTES, "UTF-8") ?>
 <?php endforeach; ?>
-    </body>
+  </body>
 </html>
 ```
 

diff --git a/php-first.md b/php-first.md
@@ -93,7 +93,7 @@ try{
         <title><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></title>
     </head>
     <body>
-        <p class="welcome">Welcome, <?= htmlspecialchars($user ?>!
+        <p class="welcome">Welcome, <?= htmlspecialchars($user, ENT_QUOTES, "UTF-8") ?>!
 <?php if ($user === "Guest") : ?>
         <p><a href="/login.php">Click Here to log in</a>
 <?php endif; ?>

diff --git a/php-first.md b/php-first.md
@@ -81,7 +81,7 @@ try{
     }
 } catch (PDOException $e) {
     log_error($e->getMessage());
-    output_error_page();
+    show_error_page_or_whatever();
     exit;
 }
 

diff --git a/php-first.md b/php-first.md
@@ -81,7 +81,7 @@ try{
     }
 } catch (PDOException $e) {
     log_error($e->getMessage());
-    header("Location: http://example.com/error-message.html");
+    output_error_page();
     exit;
 }
 

diff --git a/php-first.md b/php-first.md
@@ -74,13 +74,10 @@ $user = isset($_SESSION["user"]) ? $_SESSION["user"] : "Guest";
 
 try{
     $DB = new PDO( … );
-    $stmt = $DB->prepare("SELECT heading,body FROM content WHERE page=:page");
+    $stmt = $DB->prepare("SELECT heading, body FROM content WHERE page=:page");
     $stmt->execute(["page" => $page["id"]]);
     foreach ($stmt as $row) {
-        $contents[] = [
-            htmlspecialchars($row["heading"], ENT_QUOTES, "UTF-8"),
-            htmlspecialchars($row["body"], ENT_QUOTES, "UTF-8")
-        ];
+        $contents[] = [$row["heading"], $row["body"]];
     }
 } catch (PDOException $e) {
     log_error($e->getMessage());
@@ -93,17 +90,17 @@ try{
 <html>
     <head>
         <meta charset="utf-8">
-        <title><?= $page["title"] ?></title>
+        <title><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></title>
     </head>
     <body>
-        <p class="welcome">Welcome, <?= $user ?>!
+        <p class="welcome">Welcome, <?= htmlspecialchars($user ?>!
 <?php if ($user === "Guest") : ?>
         <p><a href="/login.php">Click Here to log in</a>
 <?php endif; ?>
-        <h1><?= $page["title"] ?></h1>
+        <h1><?= htmlspecialchars($page["title"], ENT_QUOTES, "UTF-8") ?></h1>
 <?php foreach ($contents as list($heading, $body)) : ?>
-        <h2><?= $heading ?></h2>
-        <p><?= $body ?>
+        <h2><?= htmlspecialchars($heading, ENT_QUOTES, "UTF-8") ?></h2>
+        <p><?= htmlspecialchars($body, ENT_QUOTES, "UTF-8") ?>
 <?php endforeach; ?>
     </body>
 </html>

diff --git a/php-first.md b/php-first.md
@@ -27,10 +27,9 @@ $page["title"] = "Hello, World!";
 <?php
 
 session_start();
-if( isset( $_SESSION["user"] ) ){
+if (isset($_SESSION["user"])) {
     echo '<p class="welcome">Welcome, '.$_SESSION["user"].'!';
-}
-else{
+} else {
     echo '<p class="welcome">Welcome, Guest!</p>';
     echo '<a href="/login.php">Click Here to log in</a>';
 }
@@ -40,11 +39,11 @@ else{
 <?php
 
 $DB = new PDO( … );
-$stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
-$stmt->execute( ["page"=>$page["id"]] );
-while( $row = $stmt->fetch() ){
-    echo "<h2>".htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" )."</h2>";
-    echo "<p>".htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" );
+$stmt = $DB->prepare("SELECT heading,body FROM content WHERE page=:page");
+$stmt->execute(["page" => $page["id"]]);
+while ($row = $stmt->fetch()) {
+    echo "<h2>".htmlspecialchars($row["heading"], ENT_QUOTES, "UTF-8")."</h2>";
+    echo "<p>".htmlspecialchars($row["body"], ENT_QUOTES, "UTF-8");
 }
 
 ?>
@@ -58,9 +57,9 @@ For example, you'd say, "everyone knows session_start() has to be at the top of
 But there are probably more problems than you think.
 What happens if there's an error connection to the database?  
 
-    "Hello, World! Fatal Error: uncaught PDOException with message 'here's my DB password!' ..."?
+    "Welcome, Guest! Fatal Error: uncaught PDOException with message 'here's my DB password!' ..."?
 
-You can't even show a nice error page, because you've already started printing _this_ page.
+You can't even show a nice error page, because you've already started outputting _this_ page.
 
 ----------
 
@@ -71,23 +70,21 @@ session_start();
 
 $page["id"]    = 1;
 $page["title"] = "Hello, World!";
-$user = isset( $_SESSION["user"] )?
-    $_SESSION["user"]:
-    "Guest";
+$user = isset($_SESSION["user"]) ? $_SESSION["user"] : "Guest";
 
 try{
     $DB = new PDO( … );
-    $stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
-    $stmt->execute( ["page"=>$page["id"]] );
+    $stmt = $DB->prepare("SELECT heading,body FROM content WHERE page=:page");
+    $stmt->execute(["page" => $page["id"]]);
     foreach ($stmt as $row) {
         $contents[] = [
-            htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" ),
-            htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" )
+            htmlspecialchars($row["heading"], ENT_QUOTES, "UTF-8"),
+            htmlspecialchars($row["body"], ENT_QUOTES, "UTF-8")
         ];
     }
-} catch( PDOException $E ){
-    log_error( $E->getMessage() );
-    header( "Location: http://example.com/error-message.html" );
+} catch (PDOException $e) {
+    log_error($e->getMessage());
+    header("Location: http://example.com/error-message.html");
     exit;
 }
 
@@ -100,11 +97,11 @@ try{
     </head>
     <body>
         <p class="welcome">Welcome, <?= $user ?>!
-<?php if( $user === "Guest" ): ?>
+<?php if ($user === "Guest") : ?>
         <p><a href="/login.php">Click Here to log in</a>
 <?php endif; ?>
         <h1><?= $page["title"] ?></h1>
-<?php foreach( $contents as list( $heading,$body ) ): ?>
+<?php foreach ($contents as list($heading, $body)) : ?>
         <h2><?= $heading ?></h2>
         <p><?= $body ?>
 <?php endforeach; ?>

diff --git a/php-first.md b/php-first.md
@@ -79,14 +79,13 @@ try{
     $DB = new PDO( … );
     $stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
     $stmt->execute( ["page"=>$page["id"]] );
-    while( $row = $stmt->fetch() ){
+    foreach ($stmt as $row) {
         $contents[] = [
             htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" ),
             htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" )
         ];
     }
-}
-catch( PDOException $E ){
+} catch( PDOException $E ){
     log_error( $E->getMessage() );
     header( "Location: http://example.com/error-message.html" );
     exit;

diff --git a/gist.php-first.md → php-first.md b/gist.php-first.md → php-first.md
@@ -1,4 +1,4 @@
-## PHP First
+# PHP First
 
 Generally speaking, your PHP code can be sorted into two categories: 
 

diff --git a/gist.php-first.md b/gist.php-first.md
@@ -1,3 +1,5 @@
+## PHP First
+
 Generally speaking, your PHP code can be sorted into two categories: 
 
 - code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 

diff --git a/gist.php-first.md b/gist.php-first.md
@@ -5,6 +5,8 @@ Generally speaking, your PHP code can be sorted into two categories:
 
 _work_ goes FIRST. _output_ goes LAST. 
 
+----------
+
 _a bad example_
 ```php
 <?php
@@ -58,6 +60,8 @@ What happens if there's an error connection to the database?
 
 You can't even show a nice error page, because you've already started printing _this_ page.
 
+----------
+
 _a better example_
 ```php
 <?php
@@ -110,6 +114,8 @@ catch( PDOException $E ){
 Just a little bit of reorganization, and all the problems are gone.
 See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server from the body of your response?
 
+----------
+
 "php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
 If you do this and nothing more, my rage will be quieted.
 However, it's a solid foundation for learning about:

diff --git a/php-first.BAD.php b/php-first.BAD.php
@@ -1,39 +0,0 @@
-<?php
-
-$page["id"]    = 1;
-$page["title"] = "Hello, World!";
-
-?>
-<!doctype html>
-<html>
-    <head>
-      <meta charset="utf-8">
-      <title><?= $page["title"] ?></title>
-    </head>
-    <body>
-<?php
-
-session_start();
-if( isset( $_SESSION["user"] ) ){
-    echo '<p class="welcome">Welcome, '.$_SESSION["user"].'!';
-}
-else{
-    echo '<p class="welcome">Welcome, Guest!</p>';
-    echo '<a href="/login.php">Click Here to log in</a>';
-}
-
-?>
-        <h1><?= $page["title"] ?></h1>
-<?php
-
-$DB = new PDO( … );
-$stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
-$stmt->execute( ["page"=>$page["id"]] );
-while( $row = $stmt->fetch() ){
-    echo "<h2>".htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" )."</h2>";
-    echo "<p>".htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" );
-}
-
-?>
-    </body>
-</html>

diff --git a/php-first.BAD.why.md b/php-first.BAD.why.md
@@ -1,9 +0,0 @@
-As you might have guessed, this won't even work.
-For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"  (ahh, but _why_?)
-
-But there are probably more problems than you think.
-What happens if there's an error connection to the database?  
-
-    "Hello, World! Fatal Error: uncaught PDOException with message 'here's my DB password!' ..."?
-
-You can't even show a nice error page, because you've already started printing _this_ page.

diff --git a/php-first.GOOD.php b/php-first.GOOD.php
@@ -1,45 +0,0 @@
-<?php
-session_start();
-
-$page["id"]    = 1;
-$page["title"] = "Hello, World!";
-$user = isset( $_SESSION["user"] )?
-    $_SESSION["user"]:
-    "Guest";
-
-try{
-    $DB = new PDO( … );
-    $stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
-    $stmt->execute( ["page"=>$page["id"]] );
-    while( $row = $stmt->fetch() ){
-        $contents[] = [
-            htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" ),
-            htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" )
-        ];
-    }
-}
-catch( PDOException $E ){
-    log_error( $E->getMessage() );
-    header( "Location: http://example.com/error-message.html" );
-    exit;
-}
-
-?>
-<!doctype html>
-<html>
-    <head>
-        <meta charset="utf-8">
-        <title><?= $page["title"] ?></title>
-    </head>
-    <body>
-        <p class="welcome">Welcome, <?= $user ?>!
-<?php if( $user === "Guest" ): ?>
-        <p><a href="/login.php">Click Here to log in</a>
-<?php endif; ?>
-        <h1><?= $page["title"] ?></h1>
-<?php foreach( $contents as list( $heading,$body ) ): ?>
-        <h2><?= $heading ?></h2>
-        <p><?= $body ?>
-<?php endforeach; ?>
-    </body>
-</html>

diff --git a/php-first.GOOD.why.md b/php-first.GOOD.why.md
@@ -1,11 +0,0 @@
-Just a little bit of reorganization, and all the problems are gone.
-See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server from the body of your response?
-
-"php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
-If you do this and nothing more, my rage will be quieted.
-However, it's a solid foundation for learning about:
-
-* templating
-* separation of concerns
-
-have fun!

diff --git a/gist.php-first.md b/gist.php-first.md
@@ -3,4 +3,118 @@ Generally speaking, your PHP code can be sorted into two categories:
 - code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 
 - code which _produces output_ (`echo`, `<?= $var ?>`, plain `<html>`, etc.). 
 
-_work_ goes FIRST. _output_ goes LAST. 
+_work_ goes FIRST. _output_ goes LAST. 
+
+_a bad example_
+```php
+<?php
+
+$page["id"]    = 1;
+$page["title"] = "Hello, World!";
+
+?>
+<!doctype html>
+<html>
+    <head>
+      <meta charset="utf-8">
+      <title><?= $page["title"] ?></title>
+    </head>
+    <body>
+<?php
+
+session_start();
+if( isset( $_SESSION["user"] ) ){
+    echo '<p class="welcome">Welcome, '.$_SESSION["user"].'!';
+}
+else{
+    echo '<p class="welcome">Welcome, Guest!</p>';
+    echo '<a href="/login.php">Click Here to log in</a>';
+}
+
+?>
+        <h1><?= $page["title"] ?></h1>
+<?php
+
+$DB = new PDO( … );
+$stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
+$stmt->execute( ["page"=>$page["id"]] );
+while( $row = $stmt->fetch() ){
+    echo "<h2>".htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" )."</h2>";
+    echo "<p>".htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" );
+}
+
+?>
+    </body>
+</html>
+```
+
+As you might have guessed, this won't even work.
+For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"  (ahh, but _why_?)
+
+But there are probably more problems than you think.
+What happens if there's an error connection to the database?  
+
+    "Hello, World! Fatal Error: uncaught PDOException with message 'here's my DB password!' ..."?
+
+You can't even show a nice error page, because you've already started printing _this_ page.
+
+_a better example_
+```php
+<?php
+session_start();
+
+$page["id"]    = 1;
+$page["title"] = "Hello, World!";
+$user = isset( $_SESSION["user"] )?
+    $_SESSION["user"]:
+    "Guest";
+
+try{
+    $DB = new PDO( … );
+    $stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
+    $stmt->execute( ["page"=>$page["id"]] );
+    while( $row = $stmt->fetch() ){
+        $contents[] = [
+            htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" ),
+            htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" )
+        ];
+    }
+}
+catch( PDOException $E ){
+    log_error( $E->getMessage() );
+    header( "Location: http://example.com/error-message.html" );
+    exit;
+}
+
+?>
+<!doctype html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <title><?= $page["title"] ?></title>
+    </head>
+    <body>
+        <p class="welcome">Welcome, <?= $user ?>!
+<?php if( $user === "Guest" ): ?>
+        <p><a href="/login.php">Click Here to log in</a>
+<?php endif; ?>
+        <h1><?= $page["title"] ?></h1>
+<?php foreach( $contents as list( $heading,$body ) ): ?>
+        <h2><?= $heading ?></h2>
+        <p><?= $body ?>
+<?php endforeach; ?>
+    </body>
+</html>
+```
+
+Just a little bit of reorganization, and all the problems are gone.
+See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server from the body of your response?
+
+"php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
+If you do this and nothing more, my rage will be quieted.
+However, it's a solid foundation for learning about:
+
+* templating
+* separation of concerns
+
+have fun!
diff --git a/gist.php-first.md b/gist.php-first.md
@@ -1,6 +1,6 @@
 Generally speaking, your PHP code can be sorted into two categories: 
 
 - code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 
-- code which _produces output_ (`echo`, `<?= $var ?>`,plain `<html>`, etc.). 
+- code which _produces output_ (`echo`, `<?= $var ?>`, plain `<html>`, etc.). 
 
 _work_ goes FIRST. _output_ goes LAST. 
diff --git a/php-first.BAD.why.md b/php-first.BAD.why.md
@@ -1,5 +1,5 @@
 As you might have guessed, this won't even work.
-For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"
+For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"  (ahh, but _why_?)
 
 But there are probably more problems than you think.
 What happens if there's an error connection to the database?  

diff --git a/php-first.BAD.php b/php-first.BAD.php
@@ -36,12 +36,4 @@
 
 ?>
     </body>
-</html>
-<!--
-    As you might have guessed, this won't even work.
-    For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"
-    But there are probably more problems than you think.
-    What happens if there's an error connection to the database?  
-        "Hello, World! Fatal Error: uncaught PDOException with message 'check out my DB password' ..."?
-    You can't show a nice error page, because you've already started printing _this_ page.
--->
+</html>
diff --git a/php-first.BAD.why.md b/php-first.BAD.why.md
@@ -0,0 +1,9 @@
+As you might have guessed, this won't even work.
+For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"
+
+But there are probably more problems than you think.
+What happens if there's an error connection to the database?  
+
+    "Hello, World! Fatal Error: uncaught PDOException with message 'here's my DB password!' ..."?
+
+You can't even show a nice error page, because you've already started printing _this_ page.
diff --git a/php-first.GOOD.php b/php-first.GOOD.php
@@ -42,15 +42,4 @@
         <p><?= $body ?>
 <?php endforeach; ?>
     </body>
-</html>
-<!--
-    Just a little bit of reorganization, and all the problems are gone.
-    See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server 
-        from the body of your response?
-    "php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
-    If you do this and nothing more, my rage will be quieted.
-    However, it's a solid foundation for learning about:
-        * templating
-        * separation of concerns
-    have fun!
--->
+</html>
diff --git a/php-first.GOOD.why.md b/php-first.GOOD.why.md
@@ -0,0 +1,11 @@
+Just a little bit of reorganization, and all the problems are gone.
+See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server from the body of your response?
+
+"php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
+If you do this and nothing more, my rage will be quieted.
+However, it's a solid foundation for learning about:
+
+* templating
+* separation of concerns
+
+have fun!
diff --git a/gist.php-first.md b/gist.php-first.md
@@ -1,4 +1,4 @@
-your PHP can be sorted into two categories: 
+Generally speaking, your PHP code can be sorted into two categories: 
 
 - code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 
 - code which _produces output_ (`echo`, `<?= $var ?>`,plain `<html>`, etc.). 

diff --git a/gist.php-first.md b/gist.php-first.md
@@ -1,6 +1,6 @@
 your PHP can be sorted into two categories: 
 
 - code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 
-- code which _produces output_ (echo, &lt;?= $var ?>,plain &lt;html>, etc.). 
+- code which _produces output_ (`echo`, `<?= $var ?>`,plain `<html>`, etc.). 
 
 _work_ goes FIRST. _output_ goes LAST. 
diff --git a/php-first.md → gist.php-first.md b/php-first.md → gist.php-first.md
@@ -1,6 +1,6 @@
 your PHP can be sorted into two categories: 
 
 - code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 
-- code which _produces output_(echo, <?= $var ?>,plain <html>, etc.). 
-- 
-- _work_ goes FIRST. _output_ goes LAST. 
+- code which _produces output_ (echo, &lt;?= $var ?>,plain &lt;html>, etc.). 
+
+_work_ goes FIRST. _output_ goes LAST. 
diff --git a/php-first.md b/php-first.md
@@ -0,0 +1,6 @@
+your PHP can be sorted into two categories: 
+
+- code which _does work_ (processing input, controller logic, database access, error handling, etc.), and 
+- code which _produces output_(echo, <?= $var ?>,plain <html>, etc.). 
+- 
+- _work_ goes FIRST. _output_ goes LAST. 
diff --git a/php-first.BAD.php b/php-first.BAD.php
@@ -6,11 +6,11 @@
 ?>
 <!doctype html>
 <html>
-  <head>
-    <meta charset="utf-8">
-    <title><?= $page["title"] ?></title>
-  </head>
-  <body>
+    <head>
+      <meta charset="utf-8">
+      <title><?= $page["title"] ?></title>
+    </head>
+    <body>
 <?php
 
 session_start();
@@ -23,7 +23,7 @@
 }
 
 ?>
-    <h1><?= $page["title"] ?></h1>
+        <h1><?= $page["title"] ?></h1>
 <?php
 
 $DB = new PDO( … );
@@ -35,7 +35,7 @@
 }
 
 ?>
-  </body>
+    </body>
 </html>
 <!--
     As you might have guessed, this won't even work.

diff --git a/php-first.GOOD.php b/php-first.GOOD.php
@@ -27,21 +27,21 @@
 ?>
 <!doctype html>
 <html>
-  <head>
-    <meta charset="utf-8">
-    <title><?= $page["title"] ?></title>
-  </head>
-  <body>
-    <p class="welcome">Welcome, <?= $user ?>!
+    <head>
+        <meta charset="utf-8">
+        <title><?= $page["title"] ?></title>
+    </head>
+    <body>
+        <p class="welcome">Welcome, <?= $user ?>!
 <?php if( $user === "Guest" ): ?>
-    <p><a href="/login.php">Click Here to log in</a>
+        <p><a href="/login.php">Click Here to log in</a>
 <?php endif; ?>
-    <h1><?= $page["title"] ?></h1>
+        <h1><?= $page["title"] ?></h1>
 <?php foreach( $contents as list( $heading,$body ) ): ?>
-    <h2><?= $heading ?></h2>
-    <p><?= $body ?>
+        <h2><?= $heading ?></h2>
+        <p><?= $body ?>
 <?php endforeach; ?>
-  </body>
+    </body>
 </html>
 <!--
     Just a little bit of reorganization, and all the problems are gone.

diff --git a/php-first.BAD.php b/php-first.BAD.php
@@ -42,6 +42,6 @@
     For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"
     But there are probably more problems than you think.
     What happens if there's an error connection to the database?  
-        "Hello, World! Fatal Error: uncaught PDOException with message 'here check out my DB credentials' ..."?
+        "Hello, World! Fatal Error: uncaught PDOException with message 'check out my DB password' ..."?
     You can't show a nice error page, because you've already started printing _this_ page.
 -->
diff --git a/php-first.GOOD.php b/php-first.GOOD.php
@@ -45,7 +45,8 @@
 </html>
 <!--
     Just a little bit of reorganization, and all the problems are gone.
-    See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server from the body of your response?
+    See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server 
+        from the body of your response?
     "php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
     If you do this and nothing more, my rage will be quieted.
     However, it's a solid foundation for learning about:

diff --git a/php-first.GOOD.php b/php-first.GOOD.php
@@ -45,6 +45,7 @@
 </html>
 <!--
     Just a little bit of reorganization, and all the problems are gone.
+    See how there's a clear, dividing line that separates your "behind-the-scenes" work on the server from the body of your response?
     "php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
     If you do this and nothing more, my rage will be quieted.
     However, it's a solid foundation for learning about:

diff --git a/php-first.BAD.php b/php-first.BAD.php
@@ -18,7 +18,7 @@
     echo '<p class="welcome">Welcome, '.$_SESSION["user"].'!';
 }
 else{
-    echo '<p class="welcome">Welcome, Guest!</p>;
+    echo '<p class="welcome">Welcome, Guest!</p>';
     echo '<a href="/login.php">Click Here to log in</a>';
 }
 

diff --git a/php-first.BAD.php b/php-first.BAD.php
@@ -0,0 +1,47 @@
+<?php
+
+$page["id"]    = 1;
+$page["title"] = "Hello, World!";
+
+?>
+<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <title><?= $page["title"] ?></title>
+  </head>
+  <body>
+<?php
+
+session_start();
+if( isset( $_SESSION["user"] ) ){
+    echo '<p class="welcome">Welcome, '.$_SESSION["user"].'!';
+}
+else{
+    echo '<p class="welcome">Welcome, Guest!</p>;
+    echo '<a href="/login.php">Click Here to log in</a>';
+}
+
+?>
+    <h1><?= $page["title"] ?></h1>
+<?php
+
+$DB = new PDO( … );
+$stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
+$stmt->execute( ["page"=>$page["id"]] );
+while( $row = $stmt->fetch() ){
+    echo "<h2>".htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" )."</h2>";
+    echo "<p>".htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" );
+}
+
+?>
+  </body>
+</html>
+<!--
+    As you might have guessed, this won't even work.
+    For example, you'd say, "everyone knows session_start() has to be at the top of your script!!"
+    But there are probably more problems than you think.
+    What happens if there's an error connection to the database?  
+        "Hello, World! Fatal Error: uncaught PDOException with message 'here check out my DB credentials' ..."?
+    You can't show a nice error page, because you've already started printing _this_ page.
+-->
diff --git a/php-first.GOOD.php b/php-first.GOOD.php
@@ -0,0 +1,54 @@
+<?php
+session_start();
+
+$page["id"]    = 1;
+$page["title"] = "Hello, World!";
+$user = isset( $_SESSION["user"] )?
+    $_SESSION["user"]:
+    "Guest";
+
+try{
+    $DB = new PDO( … );
+    $stmt = $DB->prepare( "SELECT heading,body FROM content WHERE page=:page" );
+    $stmt->execute( ["page"=>$page["id"]] );
+    while( $row = $stmt->fetch() ){
+        $contents[] = [
+            htmlspecialchars( $row["heading"],ENT_QUOTES,"UTF-8" ),
+            htmlspecialchars( $row["body"],ENT_QUOTES,"UTF-8" )
+        ];
+    }
+}
+catch( PDOException $E ){
+    log_error( $E->getMessage() );
+    header( "Location: http://example.com/error-message.html" );
+    exit;
+}
+
+?>
+<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <title><?= $page["title"] ?></title>
+  </head>
+  <body>
+    <p class="welcome">Welcome, <?= $user ?>!
+<?php if( $user === "Guest" ): ?>
+    <p><a href="/login.php">Click Here to log in</a>
+<?php endif; ?>
+    <h1><?= $page["title"] ?></h1>
+<?php foreach( $contents as list( $heading,$body ) ): ?>
+    <h2><?= $heading ?></h2>
+    <p><?= $body ?>
+<?php endforeach; ?>
+  </body>
+</html>
+<!--
+    Just a little bit of reorganization, and all the problems are gone.
+    "php FIRST" is really the _least_ you should be doing; but it _is_ a big, positive step.
+    If you do this and nothing more, my rage will be quieted.
+    However, it's a solid foundation for learning about:
+        * templating
+        * separation of concerns
+    have fun!
+-->